Monitoring Presence of Authorized User During User Session Based Upon Mobile Computing Device Motion

ABSTRACT

Methods, systems and apparatuses, including computer program products, are described for monitoring a presence of an authorized user of a mobile computing device during a user session based upon motion of the mobile computing device. The mobile computing device enters a first operational mode based upon a user session established by a user. The mobile computing device generates a first motion signature based upon first motion data obtained from a plurality of sensors during the user session, the first motion signature corresponding to the user. The mobile computing device generates a second motion signature based upon second motion data obtained from the plurality of sensors during the user session. The mobile computing device enters a second operational mode if a difference between the first motion signature and the updated motion signature exceeds a predetermined threshold.

TECHNICAL FIELD

This application relates generally to systems, methods and apparatuses,including computer program products, for monitoring a presence of anauthorized user of a mobile computing device during a user session basedupon motion of the mobile computing device.

BACKGROUND

Today's mobile computing devices, such as tablets and smartphones, aredesigned to be portable and lightweight, yet still have ample processingpower for handling the processing demands of commonly-used softwareapplications. As a result, many business locations such as kiosks andretail stores use mobile computing devices to facilitate businesstransaction with customers. For example, a customer of a wirelesscarrier may visit the carrier's retail store because they are interestedin upgrading their phone or changing their phone plan. Using a mobilecomputing device at the wireless carrier's retail store location, thecustomer can log into their account to look up their existing plan andbilling information, discuss and compare their plan options with a salesrepresentative while simultaneously viewing new smartphones throughoutthe store, and authorize changes to their account immediately uponmaking a decision.

However, the usefulness and portability of mobile computing devices alsomakes them popular targets for thieves who can easily slip them into abackpack or small bag undetected and carry them out of the retail store.The loss resulting from a stolen mobile computing device is twofold.Clearly, the business owner suffers a financial loss from having toreplace the stolen device. However, a far greater loss can be sufferedif the thief is able to obtain and use the business owner's sensitive orconfidential information that may be stored on the mobile computingdevice. Further, there is a similar risk of loss to a customer who mayhave been logged into the mobile computing device at the time it wastaken.

Current systems and methods for preventing theft of mobile computingdevices seek to solve the problem by attaching the mobile computingdevice to one end of a wire or cable “tether” while the other end isanchored to some stationary object within the retail store (e.g., desk,display table). However, this approach is cumbersome and undesirablebecause it limits one of the most useful aspects of the mobile computingdevice: its portability. Further, many business owners have labored tobuild a brand and reputation with their customers that is based on amutual trust, and tethering calls that trust into question in the mindsof their customers.

Some businesses have certain legal, regulatory and compliancerequirements related to inactivity logouts of user sessions operating ona mobile computing device. For example, one such requirement may mandatethat an inactive user session is logged out after no more than 180seconds of inactivity. However, such timeouts leaves ample time for athief to swipe a mobile computing device on which a customer's usersession has been established and make it out of the retail storelocation before the inactivity timeout occurs, allowing the thief tomaintain the user session and accordingly gain access the customer'saccount and personal information.

Current systems attempt to solve this problem using sensing matsunderneath the feet or chair of a user who has established a usersession on a computing device at a retail location. Upon sensing thatthe user has stepped off the sensing mat, the system logs the user outimmediately. However, such a system can be frustrating for a user whomay complete several steps of a lengthy application process during theuser session, but then lose all of their progress through theapplication process when upon stepping away from the computing devicefor a moment to ask a representative a question.

SUMMARY

Accordingly, there is a need for improved systems, methods andapparatuses for monitoring the presence of an authorized user during auser session and the movement of mobile computing devices, and forprotecting sensitive and confidential information stored on mobilecomputing devices and displayed on mobile computing devices during usersessions.

The invention, in one aspect, features a computerized method fordetecting movement of a mobile computing device based upon geospatialdata about a property location of the mobile computing device. A mobilecomputing device generates a baseline geospatial profile includingbaseline altitude data, baseline pressure data, and a predeterminedpressure range. The mobile computing device enters a first operationalmode, where the first operational mode permits a user to establish auser session on the mobile computing device. The mobile computing deviceobtains altitude data from a first sensor responsive to a change inaltitude of the mobile computing device, and obtains pressure data froma second sensor responsive to a change in a pressure of the location ofthe mobile computing device. The mobile computing device generates ageospatial signature based upon the altitude data and the pressure data.The mobile computing device compares the geospatial signature and thebaseline geospatial profile, and enters a second operational mode if adifference between one or more corresponding values of the baselinegeospatial profile and the geospatial signature exceeds a predeterminedthreshold.

The invention, in another aspect, features a computer program product,tangibly embodied in a non-transitory computer readable storage device,for detecting movement of a mobile computing device based upongeospatial data about a property location of the mobile computingdevice. The computer program product includes instructions operable tocause the mobile computing device to generate a baseline geospatialprofile including baseline altitude data, baseline pressure data, and apredetermined pressure range. The computer program product includesinstructions operable to cause the mobile computing device to enter afirst operational mode, where the first operational mode permits a userto establish a user session on the mobile computing device. The computerprogram product includes instructions operable to cause the mobilecomputing device to obtain altitude data from a first sensor responsiveto a change in altitude of the mobile computing device. The computerprogram product includes instructions operable to cause the mobilecomputing device to obtain pressure data from a second sensor responsiveto a change in a pressure of the location of the mobile computingdevice. The computer program product includes instructions operable tocause the mobile computing device to generate a geospatial signaturebased upon the altitude data and the pressure data. The computer programproduct includes instructions operable to cause the mobile computingdevice to compare the geospatial signature and the baseline geospatialprofile. The computer program product includes instructions operable tocause the mobile computing device to enter a second operational mode ifa difference between one or more corresponding values of the baselinegeospatial profile and the geospatial signature exceeds a predeterminedthreshold.

Any of the above aspects can include one or more of the followingfeatures. In some embodiments, generating the baseline geospatialprofile further includes: obtaining, by the mobile computing device, GPScoordinate data from a GPS of the mobile computing device, where the GPScoordinate data corresponds to a geographic location of the mobilecomputing device prior to entering the first operational mode;determining, by the mobile computing device, a property location of themobile computing device based upon the GPS coordinate data; retrieving,by the mobile computing device, the predetermined altitude thresholdfrom a server computing device based upon the property location of themobile computing device; obtaining, by the mobile computing device, thebaseline pressure data from the second sensor prior to entering thefirst operational mode; and retrieving, by the mobile computing device,the predetermined pressure range from a server computing device, wherethe predetermined pressure range comprises a maximum pressure value anda minimum pressure value.

In some embodiments, the predetermined pressure range is based uponhistorical pressure data corresponding to the property location of themobile computing device retrieved from a server computing device. Insome embodiments, the predetermined pressure range is based uponcurrently-forecasted pressure data corresponding to the propertylocation of the mobile computing device retrieved from a servercomputing device.

In some embodiments, entering the second operational mode furtherincludes determining, by the mobile computing device, whether thepressure data is outside of the predetermined pressure range if one ormore of: (i) a difference between the baseline altitude data and thealtitude data exceeds a first predetermined threshold, and (ii) adifference between the baseline pressure data and the pressure dataexceeds a second predetermined threshold. In some embodiments, enteringthe second operational mode further includes entering, by the mobilecomputing device, the second operation mode if the pressure data isoutside of the predetermined pressure range. In some embodiments, themobile computing device determines if the difference between thebaseline altitude data and the altitude data exceeds a firstpredetermined threshold when the altitude data is less than the baselinealtitude data

In some embodiments, the first sensor is an altimeter. In someembodiments, the second sensor is a hygrometer.

In some embodiments, entering the second operational mode includes oneor more of: transmitting, by the mobile computing device, an alert to aremote computing device; locking, by the mobile computing device, a usersession that has been established on the mobile computing device;ending, by the mobile computing device, a user session that has beenestablished on the mobile computing device; generating, by the mobilecomputing device, an audible alarm on a speaker of the mobile computingdevice; generating, by the mobile computing device, a visual alarm onone or more of a display and a light source of the mobile computingdevice; prompting, by the mobile computing device, the user to enteruser credential information; or erasing, by the mobile computing device,the contents of a volatile and a non-volatile information storage of themobile computing device.

In some embodiments, the alert includes one or more of: a unique deviceidentifier of the mobile computing device, a time stamp indicating whenthe mobile computing device entered the second operational mode, thealtitude data, and the pressure data. In some embodiments, transmittingthe alert further includes formatting, by the mobile computing device,the alert for transmission as one or more of an SMS message, aniMessage, and an email.

The invention, in another aspect, features a computerized method fordetecting proximity of a mobile computing device based upon physicalproperties of a property location of the mobile computing device. Themobile computing device generates a baseline proximity profile, wherethe baseline proximity profile includes data corresponding to at leastthree properties of a location of the mobile computing device. Themobile computing device enters a first operational mode, where the firstoperational mode permits a user to establish a user session on themobile computing device. The mobile computing device obtains firstsensor data from a first sensor responsive to a first property of thelocation of the mobile computing device. The mobile computing deviceobtains second sensor data from a second sensor responsive to a secondproperty of the location of the mobile computing device. The mobilecomputing device obtains third sensor data from a third sensorresponsive to a third property of the location of the mobile computingdevice, where the first, second, and third properties are different. Themobile computing device generates a proximity signature based upon thefirst sensor data, the second sensor data, and the third sensor data.The mobile computing device enters a second operational mode if adifference between one or more corresponding values of the baselineproximity profile and the proximity signature exceeds a predeterminedthreshold.

The invention, in another aspect, features a computer program product,tangibly embodied in a non-transitory computer readable storage device,for detecting a proximity of a mobile computing device based uponphysical properties of a property location of the mobile computingdevice. The computer program product includes instructions operable tocause the mobile computing device to generate a baseline proximityprofile, where the baseline proximity profile comprises datacorresponding to at least three properties of a location of the mobilecomputing device. The computer program product includes instructionsoperable to cause the mobile computing device to enter a firstoperational mode, where the first operational mode permits a user toestablish a user session on the mobile computing device. The computerprogram product includes instructions operable to cause the mobilecomputing device to obtain first sensor data from a first sensorresponsive to a first property of the location of the mobile computingdevice. The computer program product includes instructions operable tocause the mobile computing device to obtain second sensor data from asecond sensor responsive to a second property of the location of themobile computing device. The computer program product includesinstructions operable to cause the mobile computing device to obtainthird sensor data from a third sensor responsive to a third property ofthe location of the mobile computing device, where the first, second,and third properties are different. The computer program productincludes instructions operable to cause the mobile computing device togenerate a proximity signature based upon the first sensor data, thesecond sensor data, and the third sensor data. The computer programproduct includes instructions operable to cause the mobile computingdevice to enter a second operational mode if a difference between one ormore corresponding values of the baseline proximity profile and theproximity signature exceeds a predetermined threshold.

Any of the above aspects can include one or more of the followingfeatures. In some embodiments, generating the proximity signaturefurther includes determining, by the mobile computing device, aluminance based upon the third sensor data, and generating, by themobile computing device, a proximity signature data structure comprisingthe first sensor data, the second sensor data, and the luminance.

In some embodiments, generating the baseline proximity profile furtherincludes: obtaining, by the mobile computing device, first baseline datafrom the first sensor; obtaining, by the mobile computing device, secondbaseline data from the second sensor; obtaining, by the mobile computingdevice, third baseline data from the third sensor; determining, by themobile computing device, a baseline luminance based upon the thirdbaseline data; and generating, by the mobile computing device, abaseline proximity profile data structure comprising the first baselinedata, the second baseline data, and the baseline luminance.

In some embodiments, entering the second operational mode furtherincludes determining, by the mobile computing device, a differencebetween the first baseline data and the first sensor data, and, if thedifference between the first baseline data and the first sensor dataexceeds a first predetermined threshold: determining, by the mobilecomputing device, a difference between the second baseline data and thesecond sensor data; determining, by the mobile computing device, adifference between the baseline luminance and the luminance; andentering, by the mobile computing device, the second operational mode.In some embodiments, the mobile computing device enters the secondoperational mode when at least one of the difference between the secondbaseline data and the second sensor data exceeds a second predeterminedthreshold, and the difference between the baseline luminance and aluminance calculated based upon the third sensor data exceeds a thirdpredetermined threshold.

In some embodiments, the first sensor is a magnetometer, and the firstproperty of the location of the mobile computing device is a strength ofa magnetic field. In some embodiments, the second sensor is a soundtransducer, and the second property of the location of the mobilecomputing device comprises one or more of a sound amplitude, a soundtone, and a sound pitch. In some embodiments, the third sensor is alight sensor, and the third property of the location of the mobilecomputing device comprises a plurality of wavelengths of light.

In some embodiments, entering the second operational mode comprises oneor more of: transmitting, by the mobile computing device, an alert to aremote computing device; locking, by the mobile computing device, a usersession that has been established on the mobile computing device;ending, by the mobile computing device, a user session that has beenestablished on the mobile computing device; generating, by the mobilecomputing device, an audible alarm on a speaker of the mobile computingdevice; generating, by the mobile computing device, a visual alarm onone or more of a display and a light source of the mobile computingdevice; prompting, by the mobile computing device, the user to enteruser credential information; or erasing, by the mobile computing device,the contents of a volatile and a non-volatile information storage mediumof the mobile computing device.

In some embodiments, the alert comprises one or more of a deviceidentifier of the mobile computing device, a time stamp indicating whenthe mobile computing device entered the second operational mode, thefirst sensor data, the second sensor data, and a luminance calculatedbased upon the third sensor data. In some embodiments, transmitting thealert further comprises formatting the alert for transmission as one ormore of an SMS message, an iMessage, and an email.

The invention, in another aspect, features a computerized method formonitoring a presence of an authorized user of a mobile computing deviceduring a user session based upon motion of the mobile computing device.The mobile computing device enters a first operational mode based upon auser session established by a user. The mobile computing devicegenerates a first motion signature based upon first motion data obtainedfrom a plurality of sensors during the user session, the first motionsignature corresponding to the user. The mobile computing devicegenerates a second motion signature based upon second motion dataobtained from the plurality of sensors during the user session. Themobile computing device enters a second operational mode if a differencebetween the first motion signature and the updated motion signatureexceeds a predetermined threshold.

The invention, in another aspect, features a computer program product,tangibly embodied in a non-transitory computer readable storage device,for monitoring a presence of an authorized user of a mobile computingdevice during a user session based upon motion of the mobile computingdevice. The computer program product includes instructions operable tocause the mobile computing device to enter a first operational modebased upon a user session established by the user. The computer programproduct includes instructions operable to cause the mobile computingdevice to generate a first motion signature based upon first motion dataobtained from a plurality of sensors during the user session, the firstmotion signature corresponding to the user. The computer program productincludes instructions operable to cause the mobile computing device togenerate a second motion signature based upon second motion dataobtained from the plurality of sensors during the user session. Thecomputer program product includes instructions operable to cause themobile computing device to enter a second operational mode if adifference between the first motion signature and the second motionsignature exceeds a predetermined threshold.

Any of the above aspects can include one or more of the followingfeatures. In some embodiments, generating the first motion signaturefurther includes obtaining, by the mobile computing device, a firstsample of first motion data from a first sensor responsive to a firstmotion of the mobile computing device during the user session, andobtaining, by the mobile computing device, a first sample of secondmotion data from a second sensor responsive to a second motion of themobile computing device during the user session, where the first motionis different than the second motion. In some embodiments, generating thesecond motion signature further includes obtaining, by the mobilecomputing device, a second sample of first motion data from the firstsensor, and obtaining, by the mobile computing device, a second sampleof second motion data from the second sensor.

In some embodiments, obtaining the first sample of first motion data andthe first sample of second motion data further includes: capturing, bythe mobile computing device, a plurality of first samples of firstmotion data from the first sensor, wherein each of the first samples offirst motion data includes motion data corresponding to at least twodirections of first motion; and capturing, by the mobile computingdevice, a plurality of first samples of second motion data from thesecond sensor, where each of the first samples of second motion dataincludes motion data corresponding to at least two directions of secondmotion. In some embodiments, the plurality of first samples of firstmotion data and the plurality of first samples of second motion data arecaptured at predetermined intervals of time upon establishing the usersession.

In some embodiments, generating the first motion signature furtherincludes: determining, by the mobile computing device, a first pluralityof first motion statistics based upon an analysis of the plurality offirst samples of first motion data; determining, by the mobile computingdevice, a first plurality of second motion statistics based upon ananalysis of the plurality of first samples of second motion data; andgenerating, by the mobile computing device, a first motion signaturedata structure comprising the first plurality of first motion statisticsand the first plurality of second motion statistics. In someembodiments, the first plurality of first motion statistics areorganized into sets according to direction of first motion, and thefirst plurality of second motion statistics are organized into setsaccording to direction of second motion. In some embodiments, the firstplurality of first motion statistics and the first plurality of secondmotion statistics each include one or more of a maximum value, a minimumvalue, an average value, and a variance value

In some embodiments, obtaining the second sample of first motion dataand the second sample of second motion data further includes: capturing,by the mobile computing device, a plurality of second samples of firstmotion data from the first sensor, wherein each of the second samples offirst motion data includes motion data corresponding to at least twodirections of first motion; and capturing, by the mobile computingdevice, a plurality of second samples of second motion data from thesecond sensor. In some embodiments, each of the second samples of secondmotion data includes motion data corresponding to at least twodirections of second motion. In some embodiments, the plurality ofsecond samples of first motion data and the plurality of second samplesof second motion data are captured at predetermined intervals of timebeginning subsequent to capturing the plurality of first samples offirst motion data and the first samples of second motion data.

In some embodiments, generating the second motion signature furtherincludes: determining, by the mobile computing device, a secondplurality of first motion statistics based upon an analysis of theplurality of second samples of first motion data; determining, by themobile computing device, a second plurality of second motion statisticsbased upon an analysis of the plurality of second samples of secondmotion data; and generating, by the mobile computing device, a secondmotion signature data structure comprising the second plurality of firstmotion statistics and the second plurality of second motion statistics.In some embodiments, the second plurality of first motion statistics areorganized into sets according to direction of first motion, and thesecond plurality of second motion statistics are organized into setsaccording to direction of second motion. In some embodiments, the secondplurality of first motion statistics and the second plurality of secondmotion statistics each include one or more of a maximum value, a minimumvalue, an average value, and a variance value.

In some embodiments, the first sensor is responsive to a change inlinear acceleration. In some embodiments, the second sensor isresponsive to a change in angular velocity.

In some embodiments, entering the second operational mode includes oneor more of: locking, by the mobile computing device, the user session;ending, by the mobile computing device, the user session; generating, bythe mobile computing device, an audible alarm on a speaker of the mobilecomputing device; generating, by the mobile computing device, a visualalarm on a display of the mobile computing device; prompting, by themobile computing device, the user to reenter the user credentialinformation; or erasing, by the mobile computing device, the contents ofa volatile and a non-volatile information storage of the mobilecomputing device.

In some embodiments, the first sample of first motion data and the firstsample of second motion data correspond to a motion of the mobilecomputing device generated by a physical interaction of the user withthe mobile computing device at the time the user session is established.In some embodiments, the second sample of first motion data and thesecond sample of second motion data correspond to a motion of the mobilecomputing device generated by the physical interaction of the user withthe mobile computing device within a predetermined period of time afterthe user session is established.

In some embodiments, the method further includes: obtaining, by themobile computing device, a first sample of third motion data from athird sensor, the first sample of third motion data corresponding to analtitude of the mobile computing device, where the first sample of thirdmotion data is captured upon establishing the user session; determining,by the mobile computing device, a change in an altitude of the mobilecomputing device based upon a second sample of third motion dataobtained from the third sensor subsequent to obtaining the first sampleof third motion data; and generating, by the mobile computing device, anupdated first motion signature based upon an updated sample of firstmotion data and an updated sample of second motion data, wherein theupdated samples of first and second motion data are obtained subsequentto detecting the altitude change; comparing, by the mobile computingdevice, the updated first motion signature and the second motionsignature; and entering, by the mobile computing device, a secondoperational mode if a difference between the updated first motionsignature and the updated motion signature exceeds a predeterminedthreshold.

Other aspects and advantages of the invention will become apparent fromthe following detailed description, taken in conjunction with theaccompanying drawings, illustrating the principles of the invention byway of example only.

BRIEF DESCRIPTION OF THE DRAWINGS

The advantages of the invention described above, together with furtheradvantages, may be better understood by referring to the followingdescription taken in conjunction with the accompanying drawings. Thedrawings are not necessarily to scale, emphasis instead generally beingplaced upon illustrating the principles of the invention.

The advantages of the invention described above, together with furtheradvantages, may be better understood by referring to the followingdescription taken in conjunction with the accompanying drawings. Thedrawings are not necessarily to scale, emphasis instead generally beingplaced upon illustrating the principles of the invention.

FIG. 1 is a block diagram of an exemplary system, in accordance with theinvention.

FIG. 2 is a block diagram of an exemplary mobile computing device, inaccordance with the invention.

FIG. 3 is a flow diagram of a method for detecting movement of a mobilecomputing device based upon geospatial data about a property location ofthe mobile computing device in accordance with the invention.

FIG. 4 is a flow diagram of a method for detecting proximity of a mobilecomputing device based upon physical properties of a property locationof the mobile computing device, in accordance with the invention.

FIG. 5 is a flow diagram of a method for monitoring a presence of anauthorized user of a mobile computing device during a user session basedupon motion of the mobile computing device.

FIG. 6 is a diagram showing the axes of motion sampled by an exemplarysensor, in accordance with the technology.

FIG. 7 is a diagram showing the axes of motion sampled by an exemplarysensor, in accordance with the technology.

DETAILED DESCRIPTION

FIG. 1 is a block diagram of a system 100 in accordance with embodimentsof the invention described herein. System 100 includes property location110 which houses local server computing device 120 and mobile computingdevice 105. Property location 110 can be a retail store location (e.g.,a “brick-and-mortar” business location). In some embodiments, propertylocation 110 is a branch location of a services institution (e.g.,wireless carrier, cable network operator, financial services firm). Insome embodiments, property location 110 is a kiosk located at a mall orother shopping area. Local server computing device 120 can be collocatedwith mobile computing device 105 to store and provide data aboutproperty location 110. In some embodiments, local server computingdevice 120 includes files, applications, and scripts that can beaccessed by or served to mobile computing device 105 via a near field ornetwork connection. In some embodiments, local server computing device120 is a computer terminal used by a representative of the businessowner of property location 110, and provides access to an internalnetwork (e.g., intranet) that is not accessible via mobile computingdevice 105.

Although FIG. 1 shows a single mobile computing device at propertylocation 110, it should be understood that any number of mobilecomputing devices be located at property location 110. Examples ofmobile computing device 105 include tablet computers, smartphones, andother mobile computing devices known in the art. In some embodiments,mobile computing device 105 is a laptop computer.

FIG. 2 is a block diagram 200 of an exemplary embodiment of mobilecomputing device 105. Mobile computing device 105 includes processingsubsystem 205 in communication with sensor interface 210 for accessing avariety of sensors 215. Processing subsystem 205 generally includes aprocessor, volatile and non-volatile memory, and other logic formanaging and interfacing with other components of mobile computingdevice 105. Processing subsystem 205 is programmed with computersoftware instructions enabling it to perform the computations andoperations described herein in conjunction with the other components ofmobile computing device 105. Sensor interface 210 includes circuitry tofacilitate access to sensors 215. In some embodiments, sensor interface210 includes a co-processor in communication with one or more of sensors215 for collecting and processing sensor data from sensors 215.

Sensors 215 can include a plurality of sensors for detecting and/ormeasuring properties of mobile computing device 105 and its location(e.g., property location 110), and providing corresponding output (e.g.,electrical signal, optical signal). For example, sensors 215 can includesensors responsive to changes in the altitude of mobile computing device105 (e.g., barometric pressure sensor, pressure altimeter, barometricaltimeter). Sensors 215 can also include sensors responsive to a changein moisture content in the atmosphere (e.g., hygrometer), and sensorsresponsive to changes in the strength of a magnetic field (e.g.,magnetometer, teslameter, gaussmeter). Sensors 215 can further includesensors responsive to changes in properties of sound (e.g., microphone,sound transducer) such as changes in the amplitude, tone, pitch, and/orduration of sound. In some examples, sensors 215 include sensorsresponsive to changes in properties of light (e.g. ambient light sensor,photodetector, phototransistor, photodetector) such as changes inintensity and wavelength.

In some embodiments, sensors 215 includes sensors responsive to a changein linear acceleration (e.g., accelerometer) and angular velocity (e.g.,gyroscope), and the output from the sensors comprises signals or datacorresponding to a single axis or a plurality of axes (e.g., 2-axissensor, 3-axis sensor).

Sensors 215 can further include other sensors such as an images sensor(e.g., camera), temperature sensor (e.g., thermometer), and biometricsensor (e.g., fingerprint reader). In some embodiments, mobile computingdevice 105 includes a plurality of a given sensor type for makingmulti-channel “diversity” measurements of certain properties.

Processing subsystem 205 is further in communication with several othercomponents and subsystems of mobile computing device 105 such ascommunications 220, display 225, I/O 230, light source 235, speaker 240,and power 245. Although the example in FIG. 2 shows a shared connectionbetween processing subsystem 205 and all of the other components andsubsystems of mobile computing device 105, it should be understood thatany number of connections or interfaces can be used to connectprocessing subsystem 205 to the other components and subsystemsdifferent components.

Communications 220 includes circuitry to facilitate communicationsbetween mobile computing device 105 and other computing and peripheraldevices using various protocols over various transmission mediums. Forexample, communications 220 can include circuitry for communicatingusing wireless technology (e.g., WiFi, cellular, GPS, Bluetooth) andwired technology (e.g., wired Ethernet, USB, optical, Lightning,FireWire). Display 225 can include a flat panel display (e.g., LCDdisplay, OLED display) and associated circuitry for controlling thedisplay of images on the display. In some embodiments, display 225further includes a touch panel or touchscreen display as an input deviceto mobile computing device 105.

I/O 230 can include circuitry corresponding to one or more componentsfor providing input to mobile computing device 105 (e.g., button,slider, switch), and providing output or feedback from mobile computingdevice 105 (e.g., audio signal output, video signal output, vibrationcircuit). Light source 235 can include one or more solid-state lightsources (e.g., LED, OLED, PLED). In some embodiments, light source 235includes components for enhancing or directing light from the solidstate light source (e.g., reflector, lens, diffuser, light guide, lightpipe) and/or circuitry for controlling the operation of light source235. Speaker 240 can include one or more sound-producing components(e.g., speakers) and related components for enhancing or directing sound(e.g., resonance chamber, amplifier). Power 245 can include a batteryfor providing power to the various components of mobile computing device105. Power 245 can also include circuitry for accepting power providedfrom a wired power source (e.g., AC/DC adapter, USB port), and chargercircuitry for charging the battery.

Returning to FIG. 1, system 100 further includes communications network125, mobile network 130, GPS satellites 135, remote server computingdevice 140 and database 145.

Communications network 125 facilitates data communications between thevarious components of system 100. Communications network 125 can be alocal network, such as a LAN, or a wide area network (“WAN”), such asthe Internet and/or a cellular network. Communications network 125 mayalternatively comprise components of both a LAN and a WAN, or any othertype of network known in the art.

In some embodiments, mobile computing device 105 includes connections tonetworks and systems independent of communications network 125 (e.g.,mobile network 130, GPS satellites 135). In some embodiments,communications network 125 includes connections to network 130 and GPSsatellites 135. In some embodiments, mobile computing device 105 andlocal server computing device 120 are in communication via a privatenetwork at property location 110. In some embodiments, mobile computingdevice 105 and local server computing device 120 are in communicationusing near field communications.

Database 145 is a computing device (or in some embodiments, a set ofcomputing devices) coupled to remote server computing device 140 andaccessible to mobile computing device 105 via communications with remoteserver computing device 140 or directly via communications network 125.In some embodiments, database 145 is configured to receive, generate,and store specific segments of data relating to the methods and systemsdescribed herein. In some embodiments, database 145 is repository fordata relating to one or more property locations. In some embodiments,all or a portion of database 145 can be integrated with remote servercomputing device 140 or be located on a separate computing device ordevices. Database 145 can comprise one or more databases configured tostore portions of data used by the other components of the system 100.An exemplary database 145 is MySQL™ available from Oracle Corp. ofRedwood City, Calif.

In some embodiments, remote server computing device 140 and database 145are administered by a group associated with the business owner ofproperty location 110 that manages the business owner's retaillocations, and database 145 is a repository for data relating to aspectsand properties of one or more of the business owner's property locations(e.g., property location 110).

FIG. 3 is a flow diagram of a method 300 for detecting movement of amobile computing device based upon geospatial data about a propertylocation of the mobile computing device, using the system 100 of FIG. 1.Mobile computing device 105 generates (305) a baseline geospatialprofile comprising baseline altitude data, baseline pressure data, and apredetermined pressure range. In some embodiments, mobile computingdevice 105 generates a baseline geospatial profile at a predeterminedinterval (e.g., once per day, once per week). In some embodiments,mobile computing device 105 generates a geospatial proximity profileupon power up or restart of mobile computing device 105. In someembodiments, mobile computing device generates a baseline geospatialprofile upon the termination of a user session.

To generate the baseline geospatial profile, mobile computing device 105first uses the GPS circuitry of communications 220 to communicate withGPS satellites 135, and obtains GPS coordinate data corresponding to itsgeographic location (e.g., at property location 110).

Based upon the GPS coordinate data, mobile computing device 105determines that it is located at property location 110, and retrieves apredetermined altitude threshold corresponding to the altitude ofproperty location 110. For example, property location 110 can be one ofseveral retail stores at which mobile computing device 105 can possiblybe located, and each retail store can be located at a differentaltitude. Mobile computing device 105 can use the GPS coordinate data asa key or index to search a table stored in its memory that maps GPScoordinates to retail store property locations and their correspondingaltitude data. In some embodiments, mobile computing device 105 formatsthe GPS coordinate data into a query submitted to at least one of localserver computing device 120 or remote server computing device 140 whichreturn a response including the predetermined altitude datacorresponding to property location 110. In some embodiments, database145 is a master database containing data about each property location atwhich there is a retail store, and the predetermined altitude data isretrieved from database 145 based upon the GPS coordinate datacorresponding to property location 110.

In some embodiments, property location 110 is constructed according tomunicipal building codes or zoning regulations that require the floorlevel of the retail store at property location 110 to be a certaindistance (e.g., number of steps) above ground level. The baselinealtitude of the geospatial profile can be offset according to thedistance the retail store at property location 110 is above groundlevel. For example, mobile computing device 105 can use such an offsetin making computations related to altitude data received from sensors215.

As part of generating the baseline geospatial profile, mobile computingdevice 105 obtains baseline pressure data from a pressure sensor ofsensors 215. In some examples, the pressure sensor is a hygrometerresponsive to changes in barometric pressure. Mobile computing device105 also retrieves a predetermined pressure range to serve as the valuesto which subsequent samples of pressure are compared. The predeterminedpressure range can correspond to a given time period (e.g., a certainmonth, a certain day) and location (e.g., a state, a town, a specificproperty location). The predetermined pressure range can include aminimum and a maximum pressure value corresponding to the day mobilecomputing device 105 retrieves the predetermined pressure range and itslocation when retrieving it. In some embodiments, mobile computingdevice 105 retrieves the predetermined pressure range from anetwork-connected server computing device storing current and historicalpressure measurements. In some embodiments, mobile computing device 105retrieves the predetermined pressure range from database 145 overcommunications network 125, or via an interaction with remote servercomputing device 140.

The predetermined pressure range can be based upon historical barometricpressure data for a particular property location for a given day. Forexample, based upon measurements from years past, the barometricpressure at a property located in Raleigh, N.C. on a given day in themonth of May can range from 28 inHg and 31 inHg (approximately 970 hPato 1500 hPa). In this case, the predetermined pressure range retrievedby mobile computing device 105 would include values to reflect a minimumpressure of 28 inHg and a maximum pressure of 31 inHg. In someembodiments, the predetermined pressure range is based upon the expectedrange of barometric pressure values indicated in a current forecast forproperty location 110. For example, a weather forecast for Raleigh, N.C.for the same day in May can include an expected barometric oratmospheric pressure range of between 29.95 inHg and 30.05 inHg.

In some embodiments, the pressure values of the predetermined pressurerange represent pressure values measured outdoors, and the values of thepredetermined pressure range are adjusted by an offset to reflect aknown relative difference in pressure inside the retail store atproperty location 110 due to the operation of climate control systems(e.g., HVAC).

Mobile computing device 105 enters (310) a first operational mode,wherein the first operational mode permits a user to establish a usersession on mobile computing device 105. For example, after generatingthe baseline geospatial profile, mobile computing device 105 can enter amode in which a user is permitted to log into mobile computing device105 with their user credentials and start using applications installedon mobile computing device 105.

Upon entering the first operational mode, mobile computing device 105obtains (315) altitude data from a first sensor responsive to a changein altitude of the mobile computing device, and obtains (320) pressuredata from a second sensor responsive to a change in a pressure of thelocation of the mobile computing device. In some examples, the firstsensor is an altimeter. In some embodiments, mobile computing device 105obtains altitude and pressure data from sensors 215 at predeterminedintervals of time (e.g., every 3 seconds).

Mobile computing device 105 generates (325) a geospatial signature basedupon the altitude data and the pressure data obtained at steps 315 and320, respectively. The geospatial signature can be a data structureincluding the values for altitude and pressure obtained from thesensors. In some embodiments, the data values of the geospatialsignature are formatted to facilitate comparison of the altitude andpressure values with values of the baseline geospatial profile. Forexample, the values of the geospatial signature can be formatted to usesame degree of precision and units of measurement as the values in thebaseline geospatial profile.

Mobile computing device 105 compares (330) the geospatial signature andthe baseline geospatial profile, and enters (335) a second operationalmode if a difference between one or more corresponding values of thebaseline geospatial profile and the geospatial signature exceeds apredetermined threshold.

As part of the comparison, mobile computing device 105 determines if adifference between the baseline altitude data of the geospatial profileand the altitude data of the geospatial signature exceeds a firstpredetermined threshold. In some embodiments, determining if thedifference between the baseline altitude data and the altitude dataexceeds a first predetermined threshold includes determining that thealtitude data of the geospatial signature is less than the baselinealtitude data. For example, the first predetermined threshold ispreferably set such that if mobile computing device 105 is removed fromthe retail store, the change in altitude caused by mobile computingdevice 105's descent down the retail store stairs to street level willcause the difference between the baseline altitude data of thegeospatial profile and the altitude data of the geospatial signature toexceed the first predetermined threshold.

However, there is some ambiguity in the comparison due to the differingheights of users that may be holding and operating mobile computingdevice 105 within the retail store at property location 110, and alsodue to altitude differences caused by users that are sitting as opposedto standing, or even occasions when mobile computing device 105 isdropped during use. Accordingly, a determination that the differencebetween the baseline altitude data of the geospatial profile and thealtitude data of the geospatial signature exceeds a first predeterminedthreshold is followed up with a comparison of the pressure data of thegeospatial signature with the predetermined pressure range of thebaseline geospatial profile as described in more detail below.

Mobile computing device 105 determines if a difference between thebaseline pressure data of the geospatial profile and the pressure dataof the geospatial signature exceeds a second predetermined threshold.For example, the second predetermined threshold can be based on apercent change in value (e.g., +/−5%) between the baseline pressure dataof the geospatial profile and the pressure data of the geospatialsignature. Similar to the altitude value comparison described above,there can be some ambiguity in the comparison of pressure values. Forexample, a user may be operating mobile computing device 105 near anentrance to the retail store at property location 110 and the pressuredata sampled by mobile computing device 105 may be influenced by changesin pressure resulting from the entrance door being open nearby whileother patrons enter or exit the retail store. Accordingly, adetermination that the difference between the baseline pressure data ofthe geospatial profile and the pressure data of the geospatial signatureexceeds a second predetermined threshold is followed up with acomparison of the pressure data of the geospatial signature and thepredetermined pressure range of the baseline geospatial profile asdescribed in more detail below.

If mobile computing device 105 determines that either of the first orsecond predetermined thresholds have been exceeded based upon thecomparisons above, mobile computing device 105 determines whetherpressure data of the geospatial signature is outside of thepredetermined pressure range of the baseline geospatial profile. Asdiscussed above, the predetermined pressure range can include a range ofbarometric or atmospheric pressure values corresponding to propertylocation 110 on a given day that are offset to account for a knownrelative difference in pressure between indoors and outdoors due to theoperation of climate control systems. Accordingly, a determination thatthe pressure data of the geospatial signature is outside of thepredetermined pressure range of the baseline geospatial profile canconfirm that mobile computing device 105 has been undesirably removedfrom property location 110, and mobile computing device 105 then entersthe second operational mode.

Mobile computing device 105 performs one or more actions upon enteringthe second operational mode. In some embodiments, mobile computingdevice 105 creates an alert indicating that it has been taken fromproperty location 110. Mobile computing device 105 can format an alertfor transmission as one or more of an SMS message, an iMessage, anemail, or other message format for sending data electronically. Thealert can include one or more of a unique device identifier of themobile computing device, a time stamp indicating when the mobilecomputing device entered the second operational mode and the altitudeand pressure data when mobile computing device 105 entered the secondoperational mode. Mobile computing device 105 can transmit the alert toanother computing device (e.g., local server computing device 120,remote server computing device 140) via a wireless network connection(e.g., mobile network 130, communications network 125). In someembodiments, mobile computing device 105 periodically sends alertsincluding GPS coordinates it obtains from GPS satellites 135.

In some embodiments, upon entering the second operational mode mobilecomputing device 105 locks or ends any user sessions that have beenestablished on mobile computing device 105, or prompts the user to enteruser credential information. In some examples, mobile computing device105 generates an audible alarm using speaker 240. Mobile computingdevice 105 can also generate a visual alarm using display 225 or lightsource 235. For example, mobile computing device 105 can cause a messageto be displayed on display 225 indicating that mobile computing device105 has been improperly taken from property location 110, and canfurther operate light source 235 in a manner intended to attractattention to mobile computing device 105 (e.g., pulsing, flashing,strobing). In some embodiments, upon entering the second operationalmode mobile computing device 105 erases the contents of some or all ofits volatile and non-volatile memory in order to preserve theconfidentiality of any user data that may be stored on mobile computingdevice 105.

FIG. 4 is a flow diagram of a method 400 for detecting a proximity ofmobile computing device 105 based upon physical properties of theproperty location where mobile computing device 105 is located, usingthe system 100 of FIG. 1. Mobile computing device 105 generates (405) abaseline proximity profile including data corresponding to at leastthree properties of a location of mobile computing device 105. In someembodiments, mobile computing device 105 generates a baseline proximityprofile at a predetermined interval (e.g., once per day, once per week).In some embodiments, mobile computing device 105 generates a baselineproximity profile upon power up or restart of mobile computing device105. In some embodiments, mobile computing device generates a baselineproximity profile upon the termination of a user session.

To generate the baseline proximity profile, mobile computing device 105obtains sensor data from a plurality of sensors 215. This data can serveas the baseline against which later-sampled data is compared accordingto method 400. Mobile computing device 105 can obtain first baselinedata from a first sensor responsive to a first property of propertylocation 110. For example, the first sensor can be a 3-axismagnetometer, responsive to a change in the strength of a magnetic fieldat property location 110. The magnetometer can measure the strength ofEarth's magnetic field and can detect changes in the magnetic fieldcaused by other influences (e.g., electromagnetic security system,speaker, electric motor). Mobile computing device 105 can obtain secondbaseline data from a second sensor responsive to a second property ofproperty location 110. For example, the second sensor can be a soundtransducer responsive to a change in one or more properties of the soundat property location 110 such as sound amplitude, a sound tone, and asound pitch. Mobile computing device 105 can obtain third baseline datafrom a third sensor responsive to a third property of property location110. For example, the third sensor can be a light sensor responsive to achange in a property of the light at property location 110 such a changein a plurality of wavelengths of light or an intensity of light.

Generating the baseline geospatial profile can further includedetermining a baseline luminance based upon the third baseline data fromthe light sensor. In some embodiments, the baseline luminance isdetermined by multiplying the red, green, and blue components of thesampled light data by corresponding constants and summing the result.For example, luminance can be determined based on the equationL=0.2126*R+0.7152*G+0.0722*B, where L is luminance, and R, G and B arenumeric values corresponding to red, green and blue components of thesampled light. Finally, mobile computing device 105 can generate abaseline proximity profile data structure including the first baselinedata, the second baseline data, and the baseline luminance.

After generating the baseline geospatial profile, mobile computingdevice 105 enters (410) a first operational mode. The first operationalmode can permit a user to establish a user session on the mobilecomputing device. The first operational mode can be substantiallysimilar to the first operational mode described above with regard tomethod 300.

Upon entering the first operational mode, mobile computing device 105obtains (415) first sensor data from the first sensor, obtains (420)second sensor data from the second sensor, and obtains (425) thirdsensor data from the third sensor. As discussed above, the first,second, and third sensors can each be responsive to a different propertyof property location 110 that are detectable by sensors 215 of mobilecomputing device 105. In some examples, the first sensor data representsthe strength of a magnetic field at property location 110, the secondsensor data represents properties of the sound at property location 110such as sound amplitude, a sound tone, and a sound pitch, and the thirdsensor data represents properties of the light at property location 110such as a plurality of wavelengths of light or an intensity of light. Insome embodiments, mobile computing device 105 obtains data from sensors215 at predetermined intervals of time (e.g., every 3 seconds).

Mobile computing device 105 generates (430) a proximity signature basedupon the first sensor data, the second sensor data, and the third sensordata obtained at steps 415, 420 and 425, respectively. To generate theproximity signature, mobile computing device 105 determines a luminancebased upon the third sensor data. Determining the luminance can be doneusing a substantially similar process as described above with respect todetermining the baseline luminance. After determining the luminance,mobile computing device 105 generates a proximity signature datastructure comprising the first sensor data, the second sensor data, andthe luminance. In some embodiments, the data values of the proximitysignature are formatted to facilitate comparison of the sensor data andluminance values with their counterparts in the baseline proximityprofile. For example, the values of the proximity signature can beformatted to use same degree of precision and units of measurement asthe values in the baseline proximity profile.

Mobile computing device 105 enters (440) a second operational mode if adifference between one or more corresponding values of the baselineproximity profile and the proximity signature exceeds a predeterminedthreshold. Mobile computing device 105 performs a plurality ofoperations to determine whether to enter the second operational mode.For example, mobile computing device 105 determines whether a differencebetween the first baseline data and the first sensor data exceeds afirst predetermined threshold. In some embodiments, the firstpredetermined threshold is exceeded when the percent change between thefirst baseline data and the first sensor data is greater than 40%.

In some embodiments, the first baseline data and the first sensor dataare obtained from a magnetometer. The first baseline data is obtainedwhile mobile computing device 105 is within the retail store at propertylocation 110 and represents the strength of the Earth's magnetic fieldat property location 110 (generally around 30-60 microteslas) along withcontributions by other sources within the retail store (e.g., speakers,building wiring). As long as mobile computing device 105 remains withinthe retail store, the measured magnetic field is not expected to changesignificantly assuming the store layout remains somewhat static.Accordingly, detection of a difference between the first baseline dataand the first sensor data that exceeds the first predetermined thresholdcan be an indication that mobile computing device 105 has beenundesirably removed from property location 110.

Upon detecting that the difference between the first baseline data andthe first sensor data exceeds the first predetermined threshold, mobilecomputing device 105 makes other determinations prior to entering thesecond operational mode. For example, mobile computing device 105determines whether a difference between the second baseline data and thesecond sensor data exceeds a second predetermined threshold, and mobilecomputing device 105 determines whether a difference between thebaseline luminance and the luminance calculated based upon the thirdsensor data exceeds a third predetermined threshold.

In some embodiments, the second baseline data and the second sensor dataare obtained from a sound transducer (e.g., microphone). The secondbaseline data is obtained while mobile computing device 105 is withinthe retail store at property location 110 and represents properties ofthe sound within the retail store under typical conditions (e.g., soundlevel based on typical number of patrons at property location 110,typical volume of music or other audible track being played at propertylocation 110). In some embodiments, the typical sound intensity levelwithin the retail store is between 0 dB and 60 dB. A change between thetypical measured sound intensity value (e.g., second baseline data) anda later-sampled sound intensity value (e.g., second sensor data) canindicate that mobile computing device 105 has been placed in a backpackor bag (e.g., decrease in sound intensity), or that mobile computingdevice 105 has been taken outside of the retail store at propertylocation 110 (e.g., increase or decrease in sound intensity). In someembodiments, mobile computing device 105 enters the second operationalmode if the percent change in value between the second baseline data andthe second sensor data is greater than 40%.

The baseline luminance is computed based on the third baseline datawhich is obtained while mobile computing device 105 is within the retailstore at property location 110 and represents properties of the lightwithin the retail store such as a wavelength of light or intensity oflight. A change between the typical measured luminance value (e.g.,baseline luminance) and a later-sampled luminance value (e.g., theluminance calculated based upon the third sensor data data) can indicatethat mobile computing device 105 has been placed in a backpack or bag(e.g., decrease in luminance), or that mobile computing device 105 hasbeen taken outside of the retail store at property location 110 (e.g.,increase or decrease in luminance). In some embodiments, mobilecomputing device 105 enters the second operational mode if the percentchange in value between the baseline luminance and the luminancecalculated based upon the third sensor data is greater than 50%.

Upon entering the second operational mode, mobile computing device 105can perform substantially similar actions to those described above inrelation to method 300. In some embodiments, the alert includes one ormore of magnetic field data, sound data, and light data captured near orat the time mobile computing device 105 entered the second operationalmode.

The technology described herein can further include systems, methods andapparatuses for monitoring the presence of an authorized user of amobile computing device during a user session based upon motion ofmobile computing device.

Every person's hands exhibit some amount of involuntary shake orvibratory motion, even when an effort is made to keep them still. Thisinvoluntary motion can be caused by, for example, small imperfections inbiomechanical feedback mechanisms of the human body and blood flow inand out of the fingers. Accordingly, there is some amount ofcorresponding motion exhibited by an object that is held in the hands,such as a mobile computing device. Although this involuntary motion canbe imperceptible to a human, it can be quantified by motion sensors of amobile computing device. Further, the motion exhibited by a mobilecomputing device due to the involuntary motion of a particular user'shands can be discerned from the motion exhibited by the mobile computingdevice when it is held by a different user. Accordingly, techniques aredescribed herein for generating a signature for an authenticated userwho has established a user session on a mobile computing device, andmonitoring for the continued presence of the authenticated user based onsample data corresponding to the motion of the mobile computing deviceduring the user session. If the authorized user's presence is notdetected, mobile computing device 105 can take action (e.g., end or lockthe user session) in a matter of seconds without leaving the user'ssensitive and confidential information vulnerable during a lengthytimeout process.

FIG. 5 is a flow diagram of a method 500 for monitoring a presence of anauthorized user of mobile computing device 105 during a user sessionbased upon motion of mobile computing device 105, using the system 100of FIG. 1. Mobile computing device 105 enters (505) a first operationalmode based upon a user session established by a user. For example, acustomer visiting a retail store at property location 110 can pickmobile computing device 105 up from a desk or table and enter their usercredentials at a login page displayed by mobile computing device 105 toauthenticate the customer and establish a user session. The user can bethe authorized user for the user session. In some embodiments, the usersession is established using guest credentials and the first operationalmode allows the user access to an Internet browser for logging into oneor more of the user's accounts.

Upon entering the first operational mode, mobile computing device 105obtains (510) a first sample of first motion data from a first sensorresponsive to a first motion of mobile computing device 105 during theuser session. Mobile computing device 105 also obtains (515) a firstsample of second motion data from a second sensor responsive to a secondmotion of mobile computing device 105 during the user session, whereinthe first motion is different than the second motion. The first sampleof first motion data and the first sample of second motion data cancorrespond to a motion of mobile computing device 105 generated by aphysical interaction of the user with mobile computing device 105 at thetime the user session is established. For example, while the user isholding and interacting with mobile computing device 105 to establishthe user session, mobile computing device 105 can obtain a sample ofmotion data from two of its sensors 215 which are each responsive tochanges in a different type of motion (e.g., linear acceleration,angular velocity) of mobile computing device 105. In some embodiments,mobile computing device 105 captures a plurality of samples of sensordata from the sensors at predetermined intervals of time uponestablishing the user session. In one example, mobile computing device105 captures a sample of motion data from the sensors every second forten seconds. In some embodiments, mobile computing device 105 capturesthe first sample of first motion data and second sample of second motiondata prior to establishment of the user session.

The motion data obtained from each sensor can include data correspondingto at least two directions of motion. As an example, the first sensorcan be a 3-axis accelerometer that provides linear acceleration datacorresponding to three axes of motion. Referring to FIG. 6, diagram 600shows an origin near the center of mobile computing device 105, and axes605 (e.g., X), 610 (e.g., Y), and 615 (e.g., Z) superimposed over it.For each capture of sample data from the 3-axis accelerometer, signedmotion data corresponding to axes X, Y, and Z can be provided. The endsof each axis are labeled with a plus or minus sign to indicate the signof the corresponding data that will be provided by the accelerometerwhen the motion of mobile computing device 105 in the user's handscauses a change in linear acceleration in that respective direction.

Further, the second sensor can be a 3-axis gyroscope that providesangular velocity data (e.g., roll, pitch, and yaw data) corresponding tothree axes of motion. Referring to FIG. 7, diagram 700 shows an originnear the center of mobile computing device 105, and axes 705 (e.g., X),710 (e.g., Y), and 715 (e.g., Z) superimposed over it. For each captureof sample data from the 3-axis gyroscope, signed motion datacorresponding to axes X, Y, and Z can be provided. At one end of eachaxis, lines of rotation (e.g., 720, 725, and 730) having a plus andminus sign indicate the sign of the corresponding data that will beprovided by the gyroscope when the motion of mobile computing device 105in the user's hands causes a change in angular velocity in thatrespective direction.

Although the examples above described the first and second sensors inthe context of 3-axis sensors, it should be understood otherconfigurations of the first and second sensors are possible withoutdeparting from the scope of the technology. In some embodiments, thefirst and second sensors can comprise a plurality of sensors that eachprovide motion data for a single direction of motion.

Mobile computing device 105 generates (520) a first motion signaturebased upon first motion data obtained from a plurality of sensors duringthe user session. The first motion signature corresponds to the user whoestablished the user session (e.g., authorized user). The first motionsignature can be a compilation of the plurality of samples of motiondata captured from the first and second sensors by mobile computingdevice 105 based on the motion of mobile computing device 105. Inexemplary embodiments, mobile computing device 105 can determine a firstplurality of first motion statistics based upon an analysis of the firstplurality of first samples of first motion data, and a first pluralityof second motion statistics based upon an analysis of the firstplurality of first samples of second motion data. For example, mobilecomputing device 105 can determine a maximum, a minimum, an average, anda variance for the motion data obtained from the sensors correspondingto each direction of motion (e.g., motion data related to each axis).

The following pseudo code illustrates an exemplary operation of mobilecomputing device 105 for generating the first motion signature,including determining motion statistics based upon “n” samples of linearacceleration motion data and angular velocity motion data:

generate_Signature (linear[ ], angular[ ], startindex, number ofreadings) { let n = number of readings; let i = startindex;signature.linear.x.max = maximum (linear.x[i..n]) signature.linear.x.min= minimum (linear.x[i..n]) signature.linear.x.mean = average(linear.x[i..n]) signature.linear.x.var = variance (linear.x[i..n])signature.linear.y.max = maximum (linear.y[i..n]) signature.linear.y.min= minimum (linear.y[i..n]) signature.linear.y.mean = average(linear.y[i..n]) signature.linear.y.var = variance (linear.y[i..n])signature.linear.z.max = maximum (linear.z[i..n]) signature.linear.z.min= minimum (linear.z[i..n]) signature.linear.z.mean = average(linear.z[i..n]) signature.linear.z.var = variance (linear.z[i..n])signature.angular.x.max = maximum (angular.x[i..n])signature.angular.x.min = minimum (angular.x[i..n])signature.angular.x.mean = average (angular.x[i..n])signature.angular.x.var = variance (angular.x[i..n])signature.angular.y.max = maximum (angular.y[i..n])signature.angular.y.min = minimum (angular.y[i..n])signature.angular.y.mean = average (angular.y[i..n])signature.angular.y.var = variance (angular.y[i..n])signature.angular.z.max = maximum (angular.z[i..n])signature.angular.z.min = minimum (angular.z[i..n])signature.angular.z.mean = average (angular.z[i..n])signature.angular.z.var = variance (angular.z[i..n]) return signature; }

In some embodiments mobile computing device 105 can normalize the motiondata to remove samples of motion data that reflect transient, jerkymotion and do not correspond to the involuntary movement of the user'shands. For example, mobile computing device 105 can discard motion datasamples that are not within a first normalization threshold. In someembodiments, the first normalization threshold reflects a maximumallowable percent change between samples of motion data captured withina predetermined period of time. In some embodiments, the firstnormalization threshold is a range of values that can be predeterminedor learned during the user session based upon a number of capturedsamples of motion data.

Mobile computing device 105 can generate a first motion signature datastructure that includes the first plurality of first motion statisticsand the first plurality of second motion statistics. Within the firstmotion signature data structure, the first plurality of first motionstatistics can be organized into sets according to direction of firstmotion, and likewise the first plurality of second motion statistics canbe organized into sets according to direction of second motion.

Mobile computing device 105 obtains (525) a second sample of firstmotion data from the first sensor responsive to a first motion of mobilecomputing device 105 during the user session. Mobile computing device105 also obtains (530) a second sample of second motion data from thesecond sensor responsive to a second motion of mobile computing device105 during the user session. The second sample of first motion data andthe second sample of second motion data can correspond to a motion ofmobile computing device 105 generated by a physical interaction of theuser with mobile computing device 105 during the user session. Obtainingthe second sample of first motion data and the second sample of secondmotion data can be accomplished in substantially the same manner asdescribed above. For example, the second sample of first motion data andthe second sample of second motion data mobile computing device 105 caneach comprise a plurality of captured samples of motion data.

Mobile computing device 105 generates (535) a second motion signaturebased upon second motion data obtained from the plurality of sensorsduring the user session. The second motion signature can be generated insubstantially the same manner as described above in relation to thefirst motion signature. Mobile computing device 105 can generate asecond motion signature data structure that is formatted insubstantially the same manner as the first motion signature datastructure to facilitate comparison of the motion statistics contained ineach data structure. In some embodiments, mobile computing device 105generates subsequent motion signatures at predetermined intervals duringthe user session. In one example, mobile computing device 105 generatesa new motion signature to be compared to the first motion signatureevery ten seconds.

Mobile computing device 105 compares (540) the first motion signatureand the second motion signature. For example, for each type of motionsampled (e.g., linear acceleration, angular velocity), mobile computingdevice 105 can determine whether any of the maximum values of the secondmotion statistics of the second motion signature are greater than themaximum values of the first motion statistics of the first motionsignature. Further, mobile computing device 105 can determine whetherany of the corresponding minimum values of the second motion statisticsof the second motion signature are less than the corresponding minimumvalues of the first motion statistics of the first motion signature. Ifeither of these conditions is true, mobile computing device 105 enter(545) a second operational mode if mobile computing device 105determines that a proportion of the corresponding average values of thefirst and second motion signatures exceeds a predetermined threshold(e.g., 25%), or that the corresponding variance values of the first andsecond motion signatures are more than two standard deviations apart.

The following pseudo code illustrates exemplary operations of mobilecomputing device 105 for comparing the first and second motionsignatures:

compare_Signatures (first_sig.linear( ), second_sig.linear( ),   first_sig.angular( ), second_sig.angular( )) {    for (x, y and z)   {       if ((second_sig.linear.mx > first_sig.linear.mx) OR   (second_sig.linear_min < first_sig.linear_min) )       {       if((second_sig.linear.avg / first_sig.linear.avg) < 0.75    OR(second_sig.linear.avg / first_sig.linear.avg) < 1.25)          returnTRUE;       if sqrt(second_sig.linear.var) andsqrt(first_sig.linear.var)    are more than two deviations apart         return TRUE;       }       else       {          return FALSE;      }       if ((second_sig.angular.max > first_sig.angular.max) OR   (second_sig.angular.min < first_sig.angular.min) )       {         if ((second_sig.angular.avg /       first_sig.angular.avg) <0.75 or (second_sig.angular.avg /       first_sig.angular.avg) < 1.25)            return TRUE;          if sqrt(second_sig.angular.var) and      sqrt(first_sig.angular.var) are more than two       deviationsapart             return TRUE;          }          else          {            return FALSE;          }       }    }

Upon entering the second operational mode, mobile computing device 105can perform substantially similar actions to those described above inrelation to method 300.

In some embodiments, mobile computing device 105 can obtain a firstsample of third motion data from a third sensor, the first sample ofthird motion data corresponding to an altitude of mobile computingdevice 105. The first sample of third motion data can be captured uponestablishing the user session. Mobile computing device 105 can determinea change in altitude of mobile computing device 105 based upon a secondsample of third motion data obtained from the third sensor subsequent toobtaining the first sample of third motion data. For example, anauthorized user can have a different motion signature depending onwhether they are standing or sitting. Accordingly, mobile computingdevice 105 can obtain altitude data to determine whether the authorizeduser has changed positions and is now standing or sitting, and captureupdated samples of motion data to generate an updated motion signaturereflecting the user's change in position. In some embodiments, mobilecomputing device 105 can generate an updated motion signature based uponthe user moving between one or more other positions (e.g., leaning,squatting, kneeling).

To generate the updated motion signature, mobile computing device 105can obtain an updated sample of first motion data and an updated sampleof second motion data subsequent to detecting the altitude change.Mobile computing device 105 can compare the first motion signature andthe updated motion signature in substantially the same manner asdescribed above, and enter the second operational mode if a differencebetween the first motion signature and the second motion signatureexceeds a predetermined threshold.

Accordingly, the methods and systems described herein are capable ofmonitoring the presence of an authorized user during a user session andthe movement of mobile computing devices, and protecting sensitive andconfidential information stored on mobile computing devices anddisplayed on mobile computing devices during user sessions.

The above-described techniques can be implemented in digital and/oranalog electronic circuitry, or in computer hardware, firmware,software, or in combinations of them. The implementation can be as acomputer program product, i.e., a computer program tangibly embodied ina machine-readable storage device, for execution by, or to control theoperation of, a data processing apparatus, e.g., a programmableprocessor, a computer, and/or multiple computers. A computer program canbe written in any form of computer or programming language, includingsource code, compiled code, interpreted code and/or machine code, andthe computer program can be deployed in any form, including as astand-alone program or as a subroutine, element, or other unit suitablefor use in a computing environment. A computer program can be deployedto be executed on one computer or on multiple computers at one or moresites. The computer program can be deployed in a cloud computingenvironment (e.g., Amazon® AWS, Microsoft® Azure, IBM®).

Method steps can be performed by one or more processors executing acomputer program to perform functions of the invention by operating oninput data and/or generating output data. Method steps can also beperformed by, and an apparatus can be implemented as, special purposelogic circuitry, e.g., a FPGA (field programmable gate array), a FPAA(field-programmable analog array), a CPLD (complex programmable logicdevice), a PSoC (Programmable System-on-Chip), ASIP(application-specific instruction-set processor), or an ASIC(application-specific integrated circuit), or the like. Subroutines canrefer to portions of the stored computer program and/or the processor,and/or the special circuitry that implement one or more functions.

Processors suitable for the execution of a computer program include, byway of example, special purpose microprocessors specifically programmedwith instructions executable to perform the methods described herein,and any one or more processors of any kind of digital or analogcomputer. Generally, a processor receives instructions and data from aread-only memory or a random access memory or both. The essentialelements of a computer are a processor for executing instructions andone or more memory devices for storing instructions and/or data. Memorydevices, such as a cache, can be used to temporarily store data. Memorydevices can also be used for long-term data storage. Generally, acomputer also includes, or is operatively coupled to receive data fromor transfer data to, or both, one or more mass storage devices forstoring data, e.g., magnetic, magneto-optical disks, or optical disks. Acomputer can also be operatively coupled to a communications network inorder to receive instructions and/or data from the network and/or totransfer instructions and/or data to the network. Computer-readablestorage mediums suitable for embodying computer program instructions anddata include all forms of volatile and non-volatile memory, including byway of example semiconductor memory devices, e.g., DRAM, SRAM, EPROM,EEPROM, and flash memory devices; magnetic disks, e.g., internal harddisks or removable disks; magneto-optical disks; and optical disks,e.g., CD, DVD, HD-DVD, and Blu-ray disks. The processor and the memorycan be supplemented by and/or incorporated in special purpose logiccircuitry.

To provide for interaction with a user, the above described techniquescan be implemented on a computing device in communication with a displaydevice, e.g., a CRT (cathode ray tube), plasma, or LCD (liquid crystaldisplay) monitor, a mobile computing device display or screen, aholographic device and/or projector, for displaying information to theuser and a keyboard and a pointing device, e.g., a mouse, a trackball, atouchpad, or a motion sensor, by which the user can provide input to thecomputer (e.g., interact with a user interface element).

Other kinds of devices can be used to provide for interaction with auser as well; for example, feedback provided to the user can be any formof sensory feedback, e.g., visual feedback, auditory feedback, ortactile feedback; and input from the user can be received in any form,including acoustic, speech, and/or tactile input.

The above-described techniques can be implemented in a distributedcomputing system that includes a back-end component. The back-endcomponent can, for example, be a data server, a middleware component,and/or an application server. The above described techniques can beimplemented in a distributed computing system that includes a front-endcomponent. The front-end component can, for example, be a clientcomputer having a graphical user interface, a Web browser through whicha user can interact with an example implementation, and/or othergraphical user interfaces for a transmitting device. The above describedtechniques can be implemented in a distributed computing system thatincludes any combination of such back-end, middleware, or front-endcomponents.

The components of the computing system can be interconnected bytransmission medium, which can include any form or medium of digital oranalog data communication (e.g., a communication network). Transmissionmedium can include one or more packet-based networks and/or one or morecircuit-based networks in any configuration. Packet-based networks caninclude, for example, the Internet, a carrier internet protocol (IP)network (e.g., local area network (LAN), wide area network (WAN), campusarea network (CAN), metropolitan area network (MAN), home area network(HAN)), a private IP network, an IP private branch exchange (IPBX), awireless network (e.g., radio access network (RAN), Bluetooth, nearfield communications (NFC) network, Wi-Fi, WiMAX, general packet radioservice (GPRS) network, HiperLAN), and/or other packet-based networks.Circuit-based networks can include, for example, the public switchedtelephone network (PSTN), a legacy private branch exchange (PBX), awireless network (e.g., RAN, code-division multiple access (CDMA)network, time division multiple access (TDMA) network, global system formobile communications (GSM) network), and/or other circuit-basednetworks.

Information transfer over transmission medium can be based on one ormore communication protocols. Communication protocols can include, forexample, Ethernet protocol, Internet Protocol (IP), Voice over IP(VOIP), a Peer-to-Peer (P2P) protocol, Hypertext Transfer Protocol(HTTP), Session Initiation Protocol (SIP), H.323, Media Gateway ControlProtocol (MGCP), Signaling System #7 (SS7), a Global System for MobileCommunications (GSM) protocol, a Push-to-Talk (PTT) protocol, a PTT overCellular (POC) protocol, Universal Mobile Telecommunications System(UMTS), 3GPP Long Term Evolution (LTE) and/or other communicationprotocols.

Devices of the computing system can include, for example, a computer, acomputer with a browser device, a telephone, an IP phone, a mobilecomputing device (e.g., cellular phone, personal digital assistant (PDA)device, smart phone, tablet, laptop computer, electronic mail device),and/or other communication devices. The browser device includes, forexample, a computer (e.g., desktop computer and/or laptop computer) witha World Wide Web browser (e.g., Chrome™ from Google, Inc., Microsoft®Internet Explorer® available from Microsoft Corporation, and/or Mozilla®Firefox available from Mozilla Corporation). Mobile computing deviceinclude, for example, a Blackberry® from Research in Motion, an iPhone®from Apple Corporation, and/or an Android™-based device. IP phonesinclude, for example, a Cisco® Unified IP Phone 7985G and/or a Cisco®Unified Wireless Phone 7920 available from Cisco Systems, Inc.

Comprise, include, and/or plural forms of each are open ended andinclude the listed parts and can include additional parts that are notlisted. And/or is open ended and includes one or more of the listedparts and combinations of the listed parts.

One skilled in the art will realize the subject matter may be embodiedin other specific forms without departing from the spirit or essentialcharacteristics thereof. The foregoing embodiments are therefore to beconsidered in all respects illustrative rather than limiting of thesubject matter described herein.

What is claimed is:
 1. A computerized method for monitoring a presenceof an authorized user of a mobile computing device during a user sessionbased upon motion of the mobile computing device, the method comprising:entering, by the mobile computing device, a first operational mode basedupon a user session established by a user; generating, by the mobilecomputing device, a first motion signature data structure comprising (i)a first plurality of first motion statistics based upon an analysis of aplurality of first samples of first motion data obtained from a firstsensor at predetermined intervals of time upon establishing the usersession, and (ii) a first plurality of second motion statistics basedupon an analysis of a plurality of first samples of second motion dataobtained from a second sensor at predetermined intervals of time uponestablishing the user session, the first motion signature correspondingto motion of the mobile computing device generated by an involuntaryphysical movement particular to the user; generating, by the mobilecomputing device, a second motion signature data structure comprising(i) a second plurality of first motion statistics based upon an analysisof a plurality of second samples of first motion data obtained from thefirst sensor at predetermined intervals of time beginning subsequent tocapturing the plurality of first samples of first motion, and (ii) asecond plurality of second motion statistics based upon an analysis of aplurality of second samples of second motion data obtained from thesecond sensor at predetermined intervals of time beginning subsequent tocapturing the plurality of first samples of first motion; and entering,by the mobile computing device, a second operational mode if adifference between data of the first motion signature data structure anddata of the second motion signature data structure exceeds apredetermined threshold.
 2. The method of claim 1 wherein: the firstsensor is responsive to a first motion of the mobile computing deviceduring the user session; and the second sensor is responsive to a secondmotion of the mobile computing device during the user session, whereinthe first motion is different than the second motion.
 3. (canceled) 4.The method of claim 2 wherein: each of the first samples of first motiondata includes motion data corresponding to at least two directions offirst motion; and each of the first samples of second motion dataincludes motion data corresponding to at least two directions of secondmotion.
 5. The method of claim 1 wherein: first plurality of firstmotion statistics are organized into sets according to direction offirst motion, and the first plurality of second motion statistics areorganized into sets according to direction of second motion.
 6. Themethod of claim 1 wherein the first plurality of first motion statisticsand the first plurality of second motion statistics each comprise one ormore of a maximum value, a minimum value, an average value, and avariance value.
 7. The method of claim 1 wherein: each of the secondsamples of first motion data includes motion data corresponding to atleast two directions of first motion; and each of the second samples ofsecond motion data includes motion data corresponding to at least twodirections of second motion.
 8. The method of claim 1 wherein: thesecond plurality of first motion statistics are organized into setsaccording to direction of first motion, and the second plurality ofsecond motion statistics are organized into sets according to directionof second motion.
 9. The method of claim 1 wherein the second pluralityof first motion statistics and the second plurality of second motionstatistics each comprise one or more of a maximum value, a minimumvalue, an average value, and a variance value.
 10. The method of claim 2wherein the first sensor is responsive to a change in linearacceleration.
 11. The method of claim 2 wherein the second sensor isresponsive to a change in angular velocity.
 12. The method of claim 1wherein entering the second operational mode comprises one or more of:locking, by the mobile computing device, the user session; ending, bythe mobile computing device, the user session; generating, by the mobilecomputing device, an audible alarm on a speaker of the mobile computingdevice; generating, by the mobile computing device, a visual alarm on adisplay of the mobile computing device; prompting, by the mobilecomputing device, the user to reenter the user credential information;or erasing, by the mobile computing device, the contents of a volatileand a non-volatile information storage of the mobile computing device.13. The method of claim 1 wherein the plurality of first samples offirst motion data and the plurality of first samples of second motiondata correspond to a motion of the mobile computing device generated bya physical interaction of the user with the mobile computing device atthe time the user session is established.
 14. The method of claim 1wherein the plurality of second samples of first motion data and theplurality of second samples of second motion data correspond to a motionof the mobile computing device generated by the physical interaction ofthe user with the mobile computing device within a predetermined periodof time after the user session is established.
 15. A computerized methodfor monitoring a presence of an authorized user of a mobile computingdevice during a user session based upon motion of the mobile computingdevice, the method comprising: entering, by the mobile computing device,a first operational mode based upon a user session established by auser; generating, by the mobile computing device, a first motionsignature corresponding to motion of the mobile computing devicegenerated by an involuntary physical movement particular to the user,wherein the first motion signature is based upon (i) first samples offirst motion data obtained from a first sensor responsive to a firstmotion of the mobile computing device during the user session, and (ii)first samples of second motion data obtained from a second sensorresponsive to a second motion of the mobile computing device during theuser session; obtaining, by the mobile computing device, first samplesof third motion data from a third sensor, the first samples of motiondata corresponding to an altitude of the mobile computing device,wherein the first samples of third motion data are captured uponestablishing the user session; determining, by the mobile computingdevice, a change in the altitude of the mobile computing device basedupon second samples of third motion data obtained from the third sensorsubsequent to obtaining the first samples of third motion data;generating, by the mobile computing device, an updated first motionsignature based upon updated samples of first motion data and updatedsamples of second motion data, wherein the updated samples of first andsecond motion data are obtained subsequent to detecting the altitudechange; generating, by the mobile computing device, a second motionsignature based upon (i) second samples of first motion data obtainedfrom the first sensor, and (ii) second samples of second motion dataobtained from the second sensor; comparing, by the mobile computingdevice, the updated first motion signature and the second motionsignature; and entering, by the mobile computing device, a secondoperational mode if a difference between the updated first motionsignature and the updated motion signature exceeds a predeterminedthreshold.
 16. A computer program product, tangibly embodied in anon-transitory computer readable storage device, for monitoring apresence of an authorized user of a mobile computing device during auser session based upon motion of the mobile computing device, thecomputer program product including instructions operable to cause themobile computing device to: enter a first operational mode based upon auser session established by the user; generate a first motion signaturedata structure comprising (i) a first plurality of first motionstatistics based upon an analysis of a plurality of first samples offirst motion data obtained from a first sensor at predeterminedintervals of time upon establishing the user session, and (ii) a firstplurality of second motion statistics based upon an analysis of aplurality of first samples of second motion data obtained from a secondsensor at predetermined intervals of time upon establishing the usersession, the first motion signature corresponding to motion of themobile computing device generated by an involuntary physical movementparticular to the user; generate a second motion signature datastructure comprising (i) a second plurality of first motion statisticsbased upon an analysis of a plurality of second samples of first motiondata obtained from the first sensor at predetermined intervals of timebeginning subsequent to capturing the plurality of first samples offirst motion, and (ii) a second plurality of second motion statisticsbased upon an analysis of a plurality of second samples of second motiondata obtained from the second sensor at predetermined intervals of timebeginning subsequent to capturing the plurality of first samples offirst motion; and enter a second operational mode if a differencebetween data of the first motion signature data structure and data ofthe second motion signature data structure exceeds a predeterminedthreshold.
 17. The computer program product of claim 16 wherein: thefirst sensor is responsive to a first motion of the mobile computingdevice during the user session; and the second sensor is responsive to asecond motion of the mobile computing device during the user session,wherein the first motion is different than the second motion. 18.(canceled)
 19. The computer program product of claim 17 wherein: each ofthe first samples of first motion data includes motion datacorresponding to at least two directions of first motion; and each ofthe first samples of second motion data includes motion datacorresponding to at least two directions of second motion.
 20. Thecomputer program product of claim 16 wherein: the first plurality offirst motion statistics are organized into sets according to directionof first motion, and the first plurality of second motion statistics areorganized into sets according to direction of second motion.
 21. Thecomputer program product of claim 16 wherein the first plurality offirst motion statistics and the first plurality of second motionstatistics each comprise one or more of a maximum value, a minimumvalue, an average value, and a variance value.
 22. The computer programproduct of claim 16 wherein: each of the second samples of first motiondata includes motion data corresponding to at least two directions offirst motion; and each of the second samples of second motion dataincludes motion data corresponding to at least two directions of secondmotion.
 23. The computer program product of claim 16 wherein: the secondplurality of first motion statistics are organized into sets accordingto direction of first motion, and the second plurality of second motionstatistics are organized into sets according to direction of secondmotion.
 24. The computer program product of claim 16 wherein the secondplurality of first motion statistics and the second plurality of secondmotion statistics each comprise one or more of a maximum value, aminimum value, an average value, and a variance value.
 25. The computerprogram product of claim 17 wherein the first sensor is responsive to achange in linear acceleration.
 26. The computer program product of claim17 wherein the second sensor is responsive to a change in angularvelocity.
 27. The computer program product of claim 16 furthercomprising instructions operable to cause the mobile computing device toperform one or more of: lock the user session; end the user session;generate an audible alarm on a speaker of the mobile computing device;generate a visual alarm on a display of the mobile computing device;prompt the user to reenter the user credential information; or erase thecontents of a volatile and a non-volatile information storage of themobile computing device.
 28. The computer program product of claim 16wherein the plurality of first samples of first motion data and theplurality of first samples of second motion data correspond to a motionof the mobile computing device generated by a physical interaction ofthe user with the mobile computing device at the time the user sessionis established.
 29. The computer program product of claim 16 wherein theplurality of second samples of first motion data and the plurality ofsecond samples of second motion data correspond to a motion of themobile computing device generated by the physical interaction of theuser with the mobile computing device within a predetermined period oftime after the user session is established.
 30. A computer programproduct, tangibly embodied in a non-transitory computer readable storagedevice, for monitoring a presence of an authorized user of a mobilecomputing device during a user session based upon motion of the mobilecomputing device, the computer program product including instructionsoperable to cause the mobile computing device to: enter a firstoperational mode based upon a user session established by the user;generate a first motion signature corresponding to motion of the mobilecomputing device generated by an involuntary physical movementparticular to the user, wherein the first motion signature is based upon(i) first samples of first motion data obtained from a first sensorresponsive to a first motion of the mobile computing device during theuser session, and (ii) first samples of second motion data obtained froma second sensor responsive to a second motion of the mobile computingdevice during the user session; obtain first samples of third motiondata from a third sensor, the first samples of third motion datacorresponding to an altitude of the mobile computing device, wherein thefirst samples of third motion data are captured upon establishing theuser session; determine a change in the altitude of the mobile computingdevice based upon second samples of third motion data obtained from thethird sensor subsequent to obtaining the first samples of third motiondata; generate an updated first motion signature based upon updatedsamples of first motion data and updated samples of second motion data,wherein the updated samples of first and second motion data are obtainedsubsequent to detecting the altitude change; generate a second motionsignature based upon (i) second samples of first motion data obtainedfrom the first sensor, and (ii) second samples of second motion dataobtained from the second sensor; compare the updated first motionsignature and the updated motion signature; and enter a secondoperational mode if a difference between the updated first motionsignature and the second motion signature exceeds a predeterminedthreshold.